Ports & Protocols: A Comprehensive Guide

By /

Listen to this Post

Port numbers are 16-bit numerical values ranging from 0 to 65535, categorized into:
– Well-known ports (0-1023) – Reserved for system services.
– Registered ports (1024-49151) – Assigned to specific applications.
– Dynamic/Private ports (49152-65535) – Used for temporary connections.

What Are Ports & Protocols?

  • Protocol: The set of rules governing communication (e.g., HTTP, FTP, SSH).
  • Port: The virtual door through which data travels (e.g., Port 80 for HTTP).

Key Ports & Their Uses

| Port | Protocol | Purpose |

||-||

| 80 | HTTP | Unencrypted web traffic (e.g., http://example.com`). |
| 443 | HTTPS | Encrypted web traffic (SSL/TLS). |
| 21 | FTP | File transfers (e.g., `ftp://server.com`). |
| 22 | SSH | Secure remote login (e.g., `ssh user@host). |
| 53 | DNS | Translates domain names to IPs (e.g., nslookup example.com). |
| 25 | SMTP | Sending emails (e.g., mail servers). |
| 110 | POP3 | Retrieving emails (older protocol). |

Why Are Ports Important in Cybersecurity?

Ports act as entry points—if left open, attackers can exploit them.

Common Threats:

  • Port Scanning: Hackers use tools like `nmap` (nmap -p 1-1000 target.com) to detect vulnerabilities.
  • DDoS Attacks: Flooding a port (e.g., HTTP/80) to crash services.
  • Brute Force Attacks: Targeting SSH (22) or RDP (3389) with password-guessing tools like Hydra.

You Should Know: Essential Commands & Practices

1. Scanning & Monitoring Ports

  • Nmap Scan: 
    nmap -sV -p 1-1000 target.com # Scan common ports
nmap -A -T4 target.com # Aggressive scan
  • Check Open Ports on Local Machine: 
    netstat -tuln # Linux
Get-NetTCPConnection -State Listen # Windows (PowerShell)

2. Securing Ports

  • Firewall Rules (Linux): 
    sudo ufw allow 22/tcp # Allow SSH
sudo ufw deny 21/tcp # Block FTP
sudo ufw enable # Activate firewall
  • Windows Firewall: 
    New-NetFirewallRule -DisplayName "Block Port 21" -Direction Inbound -LocalPort 21 -Protocol TCP -Action Block

3. Testing for Vulnerabilities

  • SSH Hardening: 
    sudo nano /etc/ssh/sshd_config # Disable root login & change port

Add:

PermitRootLogin no
Port 2222 # Change default SSH port

Then restart SSH:

sudo systemctl restart sshd

What Undercode Say

Understanding ports and protocols is crucial for cybersecurity. Attackers constantly scan for weak points, so hardening systems is essential. Use firewalls, disable unused ports, and monitor traffic with tools like `tcpdump` (sudo tcpdump port 80). Always encrypt sensitive communications (SSH, HTTPS) and keep software updated to patch vulnerabilities.

Expected Output:

A secure system with minimal open ports, monitored traffic, and encrypted connections reduces attack surfaces significantly.

(No irrelevant URLs or comments included as per request.)

References:

Reported By: Prabhu Kiran – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅

Join Our Cyber World:

💬 Whatsapp | 💬 TelegramFeatured Image

Related Posts: